From 20c6984926436902ed5568e383f63320586dd649 Mon Sep 17 00:00:00 2001 From: Ryan Kelly Date: Fri, 8 May 2020 11:00:58 +1000 Subject: [PATCH] Make the data-deletion script work for accounts with TOTP enabled. --- bin/delete_user_data.py | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) diff --git a/bin/delete_user_data.py b/bin/delete_user_data.py index 915d812..a4bdbd7 100644 --- a/bin/delete_user_data.py +++ b/bin/delete_user_data.py @@ -53,12 +53,16 @@ def main(argv): # TODO: this won't work if the user has enabled two-step auth. status = s.get_email_status() if not status["sessionVerified"]: - code = raw_input("Enter verification link or code: ") - if "?" in code: - # They copy-pasted the full URL. - code_url = urlparse.urlparse(code) - code = urlparse.parse_qs(code_url.query)["code"][0] - s.verify_email_code(code) + if s.verificationMethod == "totp-2fa": + code = raw_input("Enter TOTP code: ") + s.totp_verify(code) + else: + code = raw_input("Enter verification link or code received via email: ") + if "?" in code: + # They copy-pasted the full URL. + code_url = urlparse.urlparse(code) + code = urlparse.parse_qs(code_url.query)["code"][0] + s.verify_email_code(code) # Prepare authentication details for tokenserver. (_, kB) = s.fetch_keys()